langgraph
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides installation instructions for 'langgraph' and 'langgraph-checkpoint-sqlite' via pip. These are well-known packages from the official langchain-ai organization. It also includes functions to fetch documentation from the langchain-ai/langgraph GitHub repository using the mcp_context7 tool.
- [PROMPT_INJECTION]: The skill documents patterns for creating agents that invoke LLMs with message lists that may contain untrusted user input, creating a surface for indirect prompt injection. Mandatory Evidence Chain: (1) Ingestion points: Node functions in SKILL.md (e.g., agent_node) process state['messages']. (2) Boundary markers: No specific delimiters or 'ignore' instructions are defined in the provided templates to isolate user content. (3) Capability inventory: The skill references architectures that use search tools, calculator tools, and code execution tools (e.g., coder agent). (4) Sanitization: No explicit input sanitization or validation is present in the code snippets.
Audit Metadata